Information on source package libjpeg-turbo

Available versions

ReleaseVersion
jessie1:1.3.1-12
jessie (security)1:1.3.1-12+deb8u2
stretch1:1.5.1-2
buster1:1.5.2-2
sid1:1.5.2-2

Open issues

BugjessiestretchbustersidDescription
CVE-2018-14498fixedvulnerable (no DSA)vulnerable (no DSA)vulnerableget_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG th ...
CVE-2018-1152fixedvulnerable (no DSA)vulnerable (no DSA)vulnerablelibjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerabilit ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2017-15232vulnerablevulnerablevulnerablevulnerablelibjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and j ...

Resolved issues

BugDescription
CVE-2018-20330The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflo ...
CVE-2018-19664libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel ...
CVE-2018-11214An issue was discovered in libjpeg 9a. The get_text_rgb_row function i ...
CVE-2018-11213An issue was discovered in libjpeg 9a. The get_text_gray_row function ...
CVE-2018-11212An issue was discovered in libjpeg 9a. The alloc_sarray function in jm ...
CVE-2016-6702A remote code execution vulnerability in libjpeg in Android 4.x before ...
CVE-2016-3616The cjpeg utility in libjpeg allows remote attackers to cause a denial ...
CVE-2014-9092libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial o ...
CVE-2013-6630The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...
CVE-2013-6629The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-t ...
CVE-2012-2806Heap-based buffer overflow in the get_sos function in jdmarker.c in li ...

Security announcements

DSA / DLADescription
DLA-1719-1libjpeg-turbo - security update
DLA-1638-1libjpeg-turbo - security update

Search for package or bug name: Reporting problems